Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Healthcare - VISN 4 (VISN 4)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on June 27, 2012. Also cited in 239 other reports.
Report ID: SPE000000077217, U.S. Department of Veterans Affairs
Reported Entity: VISN 04 Pittsburgh, PA
Issue:
On 06/25/12, the Information Security Office (ISO) provided the Privacy Officer (PO) a questionable sensitive record access log for review. Accesses made by an employee with the same last name as a Veteran were flagged questionable. The Privacy Officer noted the NOK listed for the Veteran was the same name as the employee. At that time, our offices were unable to determine that the accesses were appropriate and therefore requested supervisory input. Update: 06/27/12:The Supervisor was asked to review the accesses. She was unable to determine that the accesses were in the performance of the employees job duties. The ISO and PO offered the employee an opportunity to provide further input as to why these 49 accesses occurred. The employee indicated the Veteran is her husband and she is the POA. The accesses were not in the performance of her assigned job duties. She alleges these accesses were at the request of the Veteran to supposedly find out what was going on with his medication and treatment. 06/27/12:This is a policy violation.07/10/12:An appeal was filed. the PO requested that notification be authorized. The DBCT concurred. the Veteran will receive a letter of notification.
Outcome:
The employee's user access has been disabled and a Security Privacy Violation Memo is being sent to Service Line Mgt concerning this employee.